Slashdot Mirror


iTunes 4.5 Authentication Cracked

fooishbar writes "Yesterday, Apple released iTunes 4.5, which deliberately broke the 4.2 authentication scheme, which had been successfully reverse-engineered. However, crazney has been at it again, and within 24 hours of downloading iTunes 4.5, has broken the new scheme, and added more features to this library along the way. If you want to incorporate iTMS support in your program, give libopendaap a go!" Reader ScottGant submits this story about the Pepsi/iTunes promotion: "News.com has this story about Pepsi's iTunes promotion give-away. The promotion, which is slated to end this Friday, was to have given away 100 million tracks through Apple's iTunes music site. But according to Apple on Wednesday, only about 5 million free songs have been redeemed."

18 of 725 comments (clear)

  1. Re:This is annoying. by m0rph3us0 · · Score: 4, Insightful

    First Sale Doctorine. You can do what you want with things you purchase.

  2. No they didn't by CptChipJew · · Score: 5, Insightful

    I've worked for marketing companies that created similar promotions for their clients. Promotions like this are created with the full knowledge that the vast majority of winning caps will be tossed. 5% is actually a pretty strong number considering the L.A. Lakers caps they had in L.A. were only redeemed at a rate of 1.2 % (You got $10 off at Foot Locker) Have you noticed that 90% of the time McDonalds announces "We're giving away a million dollars!" that you never hear about anybody winning the prize?

    --
    Vonal Declosion
  3. I'm sure Apple doesn't care. by Anonymous Coward · · Score: 5, Insightful

    Their new strategy seems to be fixed, and it's a strict policy of lip service. If they make sure:

    - The De-Fairplay utilities don't have public development sites, and instead are forced to be these little files passed around on USENET and P2P and slashdot like they're some sort of contraband, well out of the public eye

    - The way things work change just *SLIGHTLY* with every minor release of iTunes, causing all the De-Fairplay utilities to have to be updated with every minor release

    Then, well. The slashdotters get to keep their de-Fairplay utilities and use them as much as they want; and from the RIAA's perspective, Apple's "doing something" about piracy, because there's no longer a publically visible way to crack Fairplay, and so they don't revoke Apple's license to sell music. Everybody wins! Except our civil liberties.

  4. Why so few redeemed songs... by BRSQUIRRL · · Score: 5, Insightful

    Ii might have something to do with the inconvenience of downloading and installing iTunes, creating an account (which includes entering a credit card number), and then finally entering the code and picking a song.

    But I think more importantly, the vast majority of people simply don't know much about iTunes (or don't even know what it IS). I dug a lot of "one free song" bottle caps out of the wastebaskets in our office because people didn't have a clue what they were...however, once I showed them how to redeem them, their reaction was usually something like "I can get any song I want?!? COOL!". This leads me to believe that Apple still has a ways to go in terms of public interest and awareness of the online music store scene...which is actually an exciting opportunity for them.

  5. Good? by wanerious · · Score: 4, Insightful

    And cracking the authentication scheme is considered ... good? I love iTunes and the iTMS. If Apple pulls out of the market because it tires of people breaking their rules out of a overblown sense of entitlement, we'll all be worse off.

  6. Re:This is annoying. by amdg · · Score: 4, Insightful

    Last I checked, you can just buy the CD at the store that contains no DRM at all.

    The problem is that you never know what you are going to get when you buy a CD. Many CDs these days come with DRM that stops you from playing the songs on computers and even some stereos. And you don't know until you try it at which point the stores won't let you return it because it was opened. So given the choice between a useless, ~$15, round, shiny piece of sh... err... plastic or a ~$10 downloaded album that I can burn to a CD, copy to my iPod, or play on 5 different computers, I think the choice is obvious. The phrase "lesser of two evils" comes to mind.

  7. Sounds like an ego thing to me by Infonaut · · Score: 5, Insightful
    "Hah! I cracked it in a matter of hours!"

    Ok, you're a clever guy. We get the message.

    But is your ego helping those of us who would like the RIAA to see the light and start being more open in their approach to digital music?

    --
    Read the EFF's Fair Use FAQ
  8. Re:This is annoying. by RatBastard · · Score: 4, Insightful

    But you knew going in that iTunes only runs under MacOS and Windows. You knew that when you agreed to the EULA. You agreed to their conditions when you signed up.

    You are under obligation to abide by the terms of the agreement you entered with Apple. Apple is under no obligation to support every OS out there.

    If you don't like the conditions Apple places in iTunes Music Store, including the limited number of supported platforms, don't use the service.

    --
    Boobies never hurt anyone. - Sherry Glaser.
  9. Hooray! by cubicledrone · · Score: 4, Insightful

    It's a great day! We found a new way to screw over the one company who actually found a way to provide what everyone said they wanted: convenient, electronic distribution of music at a fair price.

    But wait, that's not really what they wanted. What they really want is stores with no cash registers and libraries of thousands of pieces of music representing the creative efforts of generations of people while valuing those libraries at zero.

    Oh, and they also want to complain about greed.

    --
    Business isn't willing to pay for products, innovation and careers, so we get brands, mortgage commercials and layoffs.
  10. Dear God... by Anonymous Coward · · Score: 5, Insightful

    Here's a thought for you who didn't find a Pepsi Bottle with a yellow cap: TRY ANOTHER STORE. Just becaue 9/10 stores in my immediate area don't sell Sobe's Love Bus Brew, ndoesn't mean I won't travel somewhere that does.

    To those who couldn't find where to insert your code on iTunes. USE YOUR EYES. It was right there on the front page: "PEPSI iTUNES GIVEAWAY." With a Pepsi logo with headphones on it. Click on it, insert your code, then it says ONE FREE SONG in the upper right hand corner. Find a song, click DONWLOAD, and it downloads it free.

    To those complaining about having to use a credit card: How else are you going to pay for the songs you download? Food stamps?!

    And about the DRM. c'mon people. Apple has to play the game of the law and the game of the recording industry in order to sell these things. But you tell me. How many other service let you KEEP the rights to the songs you bought, allowing them to be burned with the only restriction: Can only burn the same PLAYLIST 7 times to CD....Hell, Add or subtract a song from that playlist and you have a whole new playlist ready to burn.

    People...just have no sense of reason. This is the BEST legal download service available on the market. Plus, the software is free, and is THE BEST jukebox software, on ANY platform.

    Even WINBLOWS users are stating that "opinion." Should be more like fact if you compare all the others.

  11. Re:Yay for hackers!!! by shark72 · · Score: 4, Insightful

    "I don't know why they bother trying to up the security. There is no way to secure media content that is compatible with mass distribution."

    It's the "a little goes a long way" paradigm. There's not a car lock that will stop a sophisticated thief who wants your car, but it stops 90% of the punters. Same with locks on doors and copy protection on computer games and gaming consoles. There are likely professional car thieves who also wonder out loud why the car manufacturers don't just give up because it's a losing battle, etc., but it's not going to happen, either.

    "They need to work on their business model, because this piecemeal anti-cracking stuff is a joke."

    Apple has sold 70 million songs in their first year, and the iTMS is the most wildly successful of any of the legitimate download services, by a wide margin. I think their business model suits them just fine. Remember, Slashdot readers != the general populace. The little annoyances of playing cat-and-mouse with the "all music must be free" crowd is just one part of doing business and is similar to the fraud and theft issues that many other retailers deal with.

    --
    Sitting in my day care, the art is decopainted.
  12. hacking itunes is wrong by voss · · Score: 4, Insightful

    Itunes maybe drm but they consistently have the most generous terms and usage limits. They also are reasonably priced. They put out a good product at a fair price...and they dont charge subscriptions. They are also the only paid song program for Mac users.

    Itunes is a good thing , and if you hack their songs without paying you are a thief. It is not like Kazaa where you might say there is no victim, Itunes is based on selling its product,and if Itunes fails mac users are screwed.

    If there is someday an Itunes for Linux are you going to hack that until it dies too?

  13. Re:This is annoying. by IamTheRealMike · · Score: 4, Insightful
    People seem to be conflating two unrelated things. iTunes can stream music from its library to other clients on the network. This is entirely independent from iTMS, the music streamed by DAAP can easily be music you ripped yourself.

    So really this has nothing to do with hurting Apple, or not agreeing to a "EULA", and it has everything to do with Apple cynically attempting to manipulate network effects. Your brother sharing his CD collection on the home network using iTunes? You can't use WinAmp, WMP, RhythmBox, Muine or whatever to access that, you have to use iTunes too. Then when you share your music, it cascades onwards.

    This is especially true in places like homes, student flats and college networks, like the ones crazney is on. Really, Apple have no excuse for this: restricting DAAP can only have one goal and that is to use peer-power of the type that keeps Windows entrenched to give iTunes an upper hand. As such it frankly deserves to be cracked.

    I know crazney. He's a good guy. We talk often - he isn't out to screw Apple or steal music. He wants to play the music on his Mac laptop using the iTunes streaming system: this seems totally fair to me.

  14. Re:hacking itunes is wrong by Eliman · · Score: 4, Insightful

    Perhaps you don't understand: libopendaap isn't about hacking iTunes. libopendaap is about other programs "talking daap" with other programs (and specifically iTunes). It's about interoperability; interoperability is perfectly legal.

  15. Re:Arms race by shawnce · · Score: 4, Insightful

    Actually if you have listened to Steve Jobs comments he doesn't believe that DRM can unbreakable in this regard. Instead you provide a compelling service with flexible allowances to win folks over and in doing so you attempt to grow the market for bought music. So in general they have not attempted to make an unbreakable system.

    That however doesn't mean you don't attempt to enforce those allowances (legally in general they need to do that to insure proper precedents are set). I believe Apple will try to do that without causing problems for its customers, without punishing folks for the acts of a few, at least based on comments by Steve and company. Apple also has to attempt enforcement to likely placate record companies and artists listing song on the store.

    Anyway, it is like the issue of cassette tapes back in the day... folks worried that rampant pirating of music would take place and kill sales. Well pirating did take place but the connivence of the tape form factor allowed things like tape players in cars, smaller/cheaper/easier to use stereos, and portable players like the Walkmans. This grew the market size for music and the large gains in market size easily offset the loss do to piracy.

    You make a good way to buy and listen to music, one easier to use, more convenient and reasonably priced to out compete the illegal channels (generally most folks like to do the right thing). This is the thinking that Steve and company has stated a few times.

    Personally I see hacking around FairPlay as a waste of time, it yields me nothing that I cannot already do based on my needs. If it pushes the business world to more draconian DRM and/or stronger legal actions that "punishes" everyone then it is doing folks more of a disservice then a service.

  16. Re:Only five million? by Golias · · Score: 5, Insightful
    Diet Pepsi is not carcinogenic. Saccharine has not been used in either Diet Coke or Diet Pepsi since NutraSweet (a.k.a. "Aspartame") was introduced in the 80s.

    There are all kinds of people (a.k.a. "kooks") who are now trying to tell you that Aspartame is bad for you. Funny how they came to that opinion just as NutraSweet's patent on Aspartame ran out, so anybody can produce a generic form of it cheaply.

    I'm convinced that all this hand-wringing about Aspartame is driven by a desire to sell you on new sweeteners, like Splenda. Every time I "follow the money" on somebody issuing warnings about the Aspartame in Diet Coke, I discover somebody who's competing with it.

    (Splenda and Sorbitol, by the way, often contain warning that "large quantities my cause mild diarrhea," by which they mean "even a few drops of this stuff will make you explosively burst out liquid faster than a fire hose within the hour, making severe dysentery seem healthy by comparison.")

    --

    Information wants to be anthropomorphized.

  17. Re:This is annoying. by badasscat · · Score: 5, Insightful

    You did not purchase the song. Read the agreement. You purchase the right to listen to the song subject to the conditions outlined in the agreement.

    I have two words for you: bull, and shit.

    I don't care what their agreement says. Nobody has to "purchase rights" to "listen" to a song. If I want to listen to a song that's playing out on the street as I happen to be walking along, nobody has any right to charge me for the privilege. Conversely, nobody is allowed to sign away their rights under the law. If I sign an agreement saying "I hereby grant you the right to kill me by strangulation" that still doesn't give you the right to kill me and it doesn't give me the right to commit suicide either (which is illegal in most states).

    Copyright law is pretty clear and the first sale doctrine well established. If I buy a song from iTunes, it's mine and I can do what I want with it provided I don't do anything to violate copyright law. That includes stripping the DRM to exercise my rights as expressly provided in copyright law (don't forget, fair use is not some nebulous concept someone came up with on Slashdot, it is part of the actual law).

    Now, you can try to quote various things from the DMCA if you want, but that won't win you many friends around here. And I don't interpret the DMCA as overriding fair use rights anyway, and neither does anyone else I know of.

  18. That DRM must be a breaze to crack! by amichalo · · Score: 4, Insightful

    So let me get this straight...
    (1) I spend 99c downloading a song
    (2) I spend the next X hours of my life writing or downloading an Apple DRM decoder
    (3) I end up with a non-DRM song and a 99c credit card bill

    I can see why this is easier than just performing step 1 and quitting. I mean, since I have 6 computers I need to play the song on, or I want to burn 8 of the identical CD, or I have no life.

    --
    I only came here to do two things; kick some ass, and drink some beer...looks like we're almost out of beer.